From owner-freebsd-questions Wed May 29 16:44:45 1996 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id QAA26489 for questions-outgoing; Wed, 29 May 1996 16:44:45 -0700 (PDT) Received: from mailhub.aros.net (mailhub.aros.net [205.164.111.17]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id QAA26475 for ; Wed, 29 May 1996 16:44:41 -0700 (PDT) Received: from terra.aros.net (terra.aros.net [205.164.111.10]) by mailhub.aros.net (8.7.5/Unknown) with ESMTP id SAA09089; Wed, 29 May 1996 18:15:22 -0600 (MDT) Received: (from angio@localhost) by terra.aros.net (8.7.5/8.6.12) id RAA12179; Wed, 29 May 1996 17:44:30 -0600 From: Dave Andersen Message-Id: <199605292344.RAA12179@terra.aros.net> Subject: Re: Er... how long To: terry@lambert.org (Terry Lambert) Date: Wed, 29 May 1996 17:44:29 -0600 (MDT) Cc: jfieber@indiana.edu, rhh@ct.picker.com, p.richards@elsevier.co.uk, freebsd-questions@freebsd.org In-Reply-To: <199605291809.LAA13861@phaeton.artisoft.com> from "Terry Lambert" at May 29, 96 11:09:53 am X-Mailer: ELM [version 2.4 PL25 PGP2] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-questions@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Lo and behold, Terry Lambert once said: > What race condition do you believe exists such that this will > happen? The same race condition which allows the setgid version of filter to be used to read anyone's email. :-) When filter handles your file, it creates a temp file in /tmp. It then closes this file, and passes the filename to other functions for handling. The other functions open up the file, do their stuff, close the file, and hand the filename off to still further functions. You get the drift. There are several points during this when the file can be modified between filter functions. My guess is that there's a decent chance that, on a slow system with a lot of email activity, you'll eventually run in to a conflict. That's just a guess based on some hacking of the source. Incidentally, if anyone wants it, I rewrote filter to not pass filenames around but instead to use it's brain and pass file descriptors like a good little program should. I did it primarily to fix the security hole -- the linux version runs setgid -- but it also has the advantage of not having the same race conditions, saves a couple file opens and closes, etc. -Dave Andersen -- angio@aros.net Complete virtual hosting and business-oriented system administration Internet services. (WWW, FTP, email) http://www.aros.net/ http://www.aros.net/about/virtual "There are only two industries that refer to thier customers as 'users'."